ruuand's Stars
wagiro/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
yeyintminthuhtut/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
GhostPack/Rubeus
Trying to tame the three-headed dog.
leechristensen/SpoolSample
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
infosecn1nja/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
secfigo/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
arkadiyt/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
eladshamir/Internal-Monologue
Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
vysecurity/RedTips
Red Team Tips as posted by @vysecurity on Twitter
dirkjanm/BloodHound.py
A Python based ingestor for BloodHound
utsecnet/PAW
rmusser01/Infosec_Reference
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
nccgroup/AutoRepeater
Automated HTTP Request Repeating With Burp Suite
ngalongc/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
shipcod3/mySapAdventures
A quick methodology on testing / hacking SAP Applications for n00bz and bug bounty hunters
bitquark/dnspop
Analysis of DNS records to find popular trends
rdegges/skele-cli
A skeleton command line program in Python.
jonluca/Anubis
Subdomain enumeration and information gathering tool
jonluca/Anubis-DB
Database to store previously found subdomains
djadmin/awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
percx/Praeda
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
GDSSecurity/WCF-Binary-SOAP-Plug-In
This is a Burp Suite plug-in designed to encode and decode WCF Binary Soap request and response data ("Content-Type: application/soap+msbin1). There are two versions of the plug-in available (consult the README for more information).
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
hfiref0x/UACME
Defeating Windows User Account Control
PaulSec/awesome-windows-domain-hardening
A curated list of awesome Security Hardening techniques for Windows.
bluscreenofjeff/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
BloodHoundAD/BloodHound
Six Degrees of Domain Admin